disable france connect authentication for admin and instructeurs

2021-02-01 14:28:04 +01:00 · 2021-02-01 14:28:04 +01:00 · a288a13805
commit a288a13805
parent 86a3ecb0be
8 changed files with 79 additions and 14 deletions
--- a/spec/controllers/france_connect/particulier_controller_spec.rb
+++ b/spec/controllers/france_connect/particulier_controller_spec.rb
@ -55,7 +55,7 @@ describe FranceConnect::ParticulierController, type: :controller do
        it { expect { subject }.not_to change { FranceConnectInformation.count } }

        context 'when france_connect_particulier_id have an associate user' do
-          let!(:user) { create(:user, email: 'plop@plop.com', france_connect_information: france_connect_information) }
+          let!(:user) { create(:user, email: email, france_connect_information: france_connect_information) }

          it do
            subject
@ -84,6 +84,17 @@ describe FranceConnect::ParticulierController, type: :controller do
              expect(user.reload.loged_in_with_france_connect).to eq(User.loged_in_with_france_connects.fetch(:particulier))
              expect(subject).to redirect_to(root_path)
            end
+
+            context 'and the user is also instructeur' do
+              let(:instructeur) { create(:instructeur) }
+              let(:email) { instructeur.email }
+              let(:user) { instructeur.user }
+              before { subject }
+
+              it { expect(response).to redirect_to(new_user_session_path) }
+
+              it { expect(flash[:alert]).to be_present }
+            end
          end

          context 'when a differently cased email address is already used' do
--- a/spec/models/france_connect_information_spec.rb
+++ b/spec/models/france_connect_information_spec.rb
@ -6,4 +6,27 @@ describe FranceConnectInformation, type: :model do
      it { is_expected.to allow_value('mon super projet').for(:france_connect_particulier_id) }
    end
  end
+
+  describe 'associate_user!' do
+    context 'when there is no user with same email' do
+      let(:fci) { create(:france_connect_information) }
+      let(:subject) { fci.associate_user! }
+
+      it { expect { subject }.to change(User, :count).by(1) }
+      it do
+        subject
+        expect(fci.user.email).to eq(fci.email_france_connect)
+      end
+    end
+
+    context 'when a user with same email (but who is not an instructeur) exist' do
+      let(:user) { create(:user) }
+      let(:fci) { build(:france_connect_information, email_france_connect: user.email) }
+      let(:subject) { fci.associate_user! }
+
+      before { subject }
+
+      it { expect(fci.user).to eq(user) }
+    end
+  end
 end
--- a/spec/services/france_connect_service_spec.rb
+++ b/spec/services/france_connect_service_spec.rb
@ -15,7 +15,7 @@ describe FranceConnectService do
    let(:user_info_hash) { { sub: france_connect_particulier_id, given_name: given_name, family_name: family_name, birthdate: birthdate, gender: gender, birthplace: birthplace, email: email, phone: phone } }
    let(:user_info) { instance_double('OpenIDConnect::ResponseObject::UserInfo', raw_attributes: user_info_hash) }

-    subject { described_class.retrieve_user_informations_particulier code }
+    subject { described_class.find_or_retrieve_france_connect_information code }

    before do
      allow_any_instance_of(FranceConnectParticulierClient).to receive(:access_token!).and_return(access_token)